Lucene search
K
NcscMost viewed

4190 matches found

NCSC
NCSC
•added 2022/04/12 12:0 a.m.•5 views

Vulnerability fixed in Microsoft Windows Defender

A vulnerability has been fixed in Microsoft Windows Defender. A malicious party can exploit this vulnerability to cause a denial-of-service. This requires a user to be tricked into handling a rogue file on the system. Windows Defender: |----------------|------|------------------------------------...

5.5CVSS6.1AI score0.02713EPSS
Exploits0
NCSC
NCSC
•added 2022/04/12 12:0 a.m.•5 views

Vulnerability fixed in Microsoft Dynamics

A vulnerability has been fixed in Microsoft Dynamics. The vulnerability potentially allows an authenticated user to to execute arbitrary SQL code on the Dynamics database. Microsoft Dynamics: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impact |...

9CVSS7.5AI score0.02776EPSS
Exploits0
NCSC
NCSC
•added 2022/04/07 12:0 a.m.•5 views

Vulnerabilities fixed in FortiClient

Vulnerabilities have been fixed in FortiClient for Linux and Windows. The vulnerabilities allow a local malicious agent to to gain access to system data and obtain elevated privileges. Fortinet has released updates to fix the vulnerability. More information can be found on the pages below:...

8.8CVSS6.7AI score0.00888EPSS
Exploits0
NCSC
NCSC
•added 2022/03/25 12:0 a.m.•5 views

Vulnerability fixed in SonicOS

SonicWall has fixed a vulnerability in SonicOS. A unauthenticated malicious person could exploit the vulnerability to cause a denial-of-service, and potentially execute arbitrary code execute arbitrary code in the firewall process. SonicWall has released updates to fix the vulnerability in SonicO...

9.8CVSS7.6AI score0.57324EPSS
Exploits3
NCSC
NCSC
•added 2022/03/23 12:0 a.m.•5 views

Vulnerability fixed in IBM MQ

IBM has fixed a vulnerability in IBM MQ. The vulnerability allows an authenticated malicious party to cause a denial-of-service exploit. IBM has released updates to fix the vulnerability. For more information, see: https://www.ibm.com/support/pages/node/6560040...

6.5CVSS6.6AI score0.00945EPSS
Exploits0
NCSC
NCSC
•added 2022/03/21 12:0 a.m.•5 views

Vulnerability fixed in IBM Specturm Protect

IBM has fixed a vulnerability in Spectrum Protect Server. By exploiting this vulnerability obtain elevated privileges on the vulnerable system. IBM has released updates to fix the vulnerability in Spectrum Protect Server 8.1.14.100. For more information, see:...

9CVSS6.7AI score0.02125EPSS
Exploits0
NCSC
NCSC
•added 2022/03/16 12:0 a.m.•5 views

Vulnerabilities fixed in Bareos

Vulnerabilities have been fixed in Bareos. The vulnerability with reference CVE-2022-24755 can be exploited to bypass authentication. circumvention. To exploit this vulnerability, the Bareos Director must be configured with PAM as the authentication agent. The vulnerability with attribute...

9.8CVSS7.1AI score0.01996EPSS
Exploits2
NCSC
NCSC
•added 2022/03/15 12:0 a.m.•5 views

Vulnerabilities fixed in CyberArk Privileged Session Manager and Password Vault Manager

Vulnerabilities have been fixed in the CyberArk Privileged Session Manager and Password Vault Manager. The vulnerabilities allow a malicious party to conduct attacks that result in the following categories of damage: Circumvention of security measure. Remote code execution User rights Access to...

7.5AI score
Exploits0
NCSC
NCSC
•added 2022/03/11 12:0 a.m.•5 views

Vulnerability fixed in ARM, AMD and Intel processors

Researchers at VU Amsterdam have found a new variant of the Spectre vulnerability. The researchers have dubbed the attack Branch History Injection. Previous mitigation for Spectre v2 is not sufficient to fully fix the vulnerability, according to the researchers. According to the researchers, this...

6.8CVSS5.8AI score0.00508EPSS
Exploits0
NCSC
NCSC
•added 2022/03/11 12:0 a.m.•5 views

Vulnerabilities fixed in Dell BIOS

Vulnerabilities have been fixed in the BIOS of several Dell products. The vulnerabilities make it possible for a local malicious person with elevated privileges to execute code while the system is active in System Management Mode SMM. Dell has made updates available to fix the vulnerabilities fix...

8.2CVSS7AI score0.00275EPSS
Exploits0
NCSC
NCSC
•added 2022/03/11 12:0 a.m.•5 views

Vulnerabilities fixed in Sophos SG UTM

Vulnerabilities have been fixed in Sophos SG UTM. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service DoS SQL Injection Access to sensitive data Sophos has fixed the vulnerabilities in SG UTM version 9.710. More...

8.8CVSS9.6AI score0.11296EPSS
Exploits0
NCSC
NCSC
•added 2022/03/09 12:0 a.m.•5 views

Vulnerability fixed in AMD processors

AMD has fixed a vulnerability with reference CVE-2021-26401 for the Ryzen and Athlon processors. This vulnerability has the same cause as the vulnerability known as Spectre, with attribute CVE-2017-5717. This vulnerability allows a malicious party to obtain sensitive data from the memory of a loc...

7.8CVSS6.4AI score0.01445EPSS
Exploits1
NCSC
NCSC
•added 2022/03/02 12:0 a.m.•5 views

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to system data Google has ma...

9.6CVSS7.4AI score0.01677EPSS
Exploits2
NCSC
NCSC
•added 2022/02/21 12:0 a.m.•5 views

Vulnerabilities fixed in BMC Track-It!

BMC has fixed several vulnerabilities in Track-It! A malicious party could exploit the vulnerabilities to gain access to the application or to execute arbitrary code under the application's privileges. The vulnerability with reference CVE-2022-24047 involves an "authentication bypass" that allows...

9.8CVSS7.6AI score0.01866EPSS
Exploits0
NCSC
NCSC
•added 2022/02/17 12:0 a.m.•5 views

Vulnerability fixed in IBM MQ

A vulnerability has been fixed in IBM MQ for the Solaris platform. A malicious party could potentially exploit the vulnerability to cause a denial-of-service via the Queue Manager channel process. IBM has released updates to fix the vulnerability in MQ 9.1. For more information, see:...

7.5CVSS6.7AI score0.01156EPSS
Exploits0
NCSC
NCSC
•added 2022/02/16 12:0 a.m.•5 views

Vulnerabilities fixed in VMware Workstation, Fusion & ESXi

VMware has fixed several vulnerabilities in various products, namely Workstation Pro/Player, Fusion and ESXi. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Manipulation of data Remote code execution User right...

7.8CVSS8.2AI score0.0228EPSS
Exploits0
NCSC
NCSC
•added 2022/02/16 12:0 a.m.•5 views

Vulnerability fixed in VMware NSX Edge

A vulnerability has been fixed in VMware NSX Edge. A authenticated malicious person with SSH access could potentially execute arbitrary commands on the underlying system with root privileges. Although this product is typically connected to a publicly accessible network, it is good practice to mak...

7.8CVSS7AI score0.00349EPSS
Exploits0
NCSC
NCSC
•added 2022/02/10 12:0 a.m.•5 views

Vulnerabilities fixed in Palo Alto GlobalProtect App

Palo Alto Networks has fixed vulnerabilities in GlobalProtect App. The vulnerabilities potentially enable a local malicious person to able to launch attacks that result in the following categories of damage: Remote code execution Administrator/Root privileges. Access to sensitive data Increased...

7.8CVSS7.3AI score0.00746EPSS
Exploits0
NCSC
NCSC
•added 2022/02/08 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root rights Remote code execution User rights...

9.3CVSS7.2AI score0.53655EPSS
Exploits4
NCSC
NCSC
•added 2022/02/08 12:0 a.m.•5 views

Vulnerabilities fixed in Microsoft SQL Server and Power BI

Microsoft has fixed vulnerabilities in Microsoft SQL Server and Power BI. The vulnerabilities allow a malicious party to obtain elevated user privileges. SQL Server: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impact |...

7.8CVSS7.1AI score0.02567EPSS
Exploits0
NCSC
NCSC
•added 2022/02/04 12:0 a.m.•5 views

Vulnerability fixed in VMware Workstation, Fusion & ESXi

A vulnerability has been fixed in VMware Workstation, Fusion & ESXi. The vulnerability enables a malicious person with access to a virtual machine on which CD-ROM virtualization is enabled to able to execute arbitrary code on the hypervisor. To exploit this vulnerability, a CD image must be...

7.8CVSS7.5AI score0.04681EPSS
Exploits0
NCSC
NCSC
•added 2022/02/01 12:0 a.m.•5 views

Vulnerabilities fixed in IBM Spectrum Protect Plus

IBM has fixed vulnerabilities in Spectrum Protect Plus. The vulnerabilities, which include those in the Node.js and PostgreSQL components of the product, allow a malicious party to perform attacks that result in the following categories of damage: Cross-Site Scripting XSS. Manipulation of data...

8.2CVSS7.3AI score0.21514EPSS
Exploits5
NCSC
NCSC
•added 2022/01/31 12:0 a.m.•5 views

Vulnerability fixed in ABB OPC Server

A vulnerability has been fixed in ABB OPC Server for AC 800M. The vulnerability enables an authenticated remote malicious person to able to execute arbitrary code. ABB has released updates to fix the vulnerability. To exploit this vulnerability requires access to the network of the victim's netwo...

8.8CVSS7.2AI score0.00831EPSS
Exploits0
NCSC
NCSC
•added 2022/01/31 12:0 a.m.•5 views

Vulnerability fixed in IBM Spectrum Protect Plus

IBM has fixed a vulnerability in Spectrum Protect Plus. A authenticated malicious party can, by exploiting this vulnerability to gain elevated privileges on the vulnerable system. IBM has released updates to fix the vulnerability in Spectrum Protect Plus 10.1.9. For more information, see:...

7.8CVSS9.4AI score0.00353EPSS
Exploits2
NCSC
NCSC
•added 2022/01/28 12:0 a.m.•5 views

Vulnerabilities fixed in Foxit PDF Reader and Foxit PDF Editor

Vulnerabilities have been fixed in the PDF Reader and PDF Editor from Foxit. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to system data This...

9.8CVSS7.8AI score0.49839EPSS
Exploits2
NCSC
NCSC
•added 2022/01/27 12:0 a.m.•5 views

Vulnerabilities fixed in Apple macOS

Vulnerabilities have been fixed in macOS Monterey, Big Sur and Catalina. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution Administrator/Root rights Remote...

10CVSS7.1AI score0.11638EPSS
Exploits0
NCSC
NCSC
•added 2022/01/27 12:0 a.m.•5 views

Vulnerability found in i915 kernel driver

A researcher has found a vulnerability in the Linux i915 kernel driver. The memory cache of the i915 kernel graphics driver is not properly cleaned up. An attacker exploiting this vulnerability could cause a local denial-of-service DoS cause or gain access to system data or elevated user...

7.8CVSS7.4AI score0.00379EPSS
Exploits0
NCSC
NCSC
•added 2022/01/26 12:0 a.m.•5 views

Vulnerabilities fixed in Dell BIOS

Two vulnerabilities have been fixed in Dell products. The vulnerabilities allow a locally authenticated malicious person potentially be able to execute arbitrary code through a System Management Interupt SMI in the System Management RAM SMRAM of the device. This portion of memory is normally only...

7.5CVSS7.8AI score0.00251EPSS
Exploits0
NCSC
NCSC
•added 2022/01/24 12:0 a.m.•5 views

Vulnerabilities fixed in Zabbix

Vulnerabilities have been fixed in Zabbix. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Scripting XSS. Circumvention of security measure Remote code execution Administrator/Root rights Remote code execution User rights...

9.8CVSS7AI score0.95683EPSS
Exploits10
NCSC
NCSC
•added 2022/01/21 12:0 a.m.•5 views

Fixed vulnerability in AIDE (Advanced Indtrusion Detection Environment)

A vulnerability has been fixed in AIDE Advanced Intrusion Detection Environment. Due to a flaw in the way base64 data is is processed, a local malicious agent can cause a denial-of-service cause, or potentially execute arbitrary code under the rights of the application. -= SUSE =- SUSE has made...

7.8CVSS7.4AI score0.00493EPSS
Exploits1
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle Virtualization

Oracle has fixed vulnerabilities in VM VirtualBox. A malicious party needs local access rights to exploit the vulnerabilities. ------------------.------.------------------------------------- | CVE ID | CVSS | Vector |. |------------------|------|-------------------------------------| |...

6.5CVSS6.4AI score0.0066EPSS
Exploits0
NCSC
NCSC
•added 2022/01/19 12:0 a.m.•5 views

Vulnerabilities fixed in Oracle Siebel CRM

Oracle has fixed vulnerabilities in the Siebel UI Framework product. ------------------.------.------------------------------------- | CVE-ID | CVSS | Vector |. |------------------|------|-------------------------------------| | CVE-2021-2351 | 8.3 | AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H | |...

8.5CVSS9.4AI score0.97906EPSS
Exploits14
NCSC
NCSC
•added 2022/01/18 12:0 a.m.•5 views

Vulnerabilities fixed in Gitlab

Vulnerabilities have been fixed in Gitlab. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Spoofing Accessing sensitive data O...

8.7CVSS6.3AI score0.01449EPSS
Exploits1
NCSC
NCSC
•added 2022/01/13 12:0 a.m.•5 views

Vulnerabilities fixed Juniper Junos OS

Juniper has fixed several vulnerabilities in Junos OS. The vulnerabilities allow a malicious party to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Spoofing Increased user privileges Because these are...

9.8CVSS6.9AI score0.01137EPSS
Exploits1
NCSC
NCSC
•added 2022/01/13 12:0 a.m.•5 views

Vulnerabilities fixed in Schneider Electric products

Schneider Electric has fixed vulnerabilities in Modicon products. The vulnerabilities allow an unauthenticated malicious person able to cause a denial-of-service or gain access to sensitive data. Schneider Electric has released updates to address the vulnerabilities. fixes. For more information,...

8.8CVSS6.8AI score0.0093EPSS
Exploits0
NCSC
NCSC
•added 2022/01/07 12:0 a.m.•5 views

Vulnerability fixed in H2 Database Console

A vulnerability has been found in the Console component of H2 Database. This vulnerability allows a local malicious person to to execute arbitrary code under application privileges. Researchers at JFrog found this vulnerability during additional research on Java vulnerabilities following Log4j. S...

10CVSS7.4AI score0.63211EPSS
Exploits3
NCSC
NCSC
•added 2021/12/21 12:0 a.m.•5 views

Vulnerabilities fixed in SolarWinds Orion

SolarWinds has fixed vulnerabilities in Orion. The vulnerabilities marked CVE-2021-35234 and CVE-2021-35248 allow an authenticated malicious person to gain access to user data, including hashed passwords and information about salts used. In addition, a malicious person with alert management...

8.8CVSS7.5AI score0.05769EPSS
Exploits0
NCSC
NCSC
•added 2021/12/20 12:0 a.m.•5 views

Vulnerabilities fixed in VMware products

VMware has fixed vulnerabilities in the following products: VMware Cloud Foundation VMware Identity Manager vIDM VMware Workspace ONE Access Access VMware vRealize Automation vRA VMware vRealize Suite Lifecycle Manager A remote malicious party could potentially exploit them to bypass two-factor...

8.8CVSS6.9AI score0.01558EPSS
Exploits0
NCSC
NCSC
•added 2021/12/17 12:0 a.m.•5 views

Vulnerabilities fixed in Dell EMC iDRAC

Dell EMC has fixed vulnerabilities in iDRAC8 and iDRAC9.The vulnerabilities potentially allow a malicious party to launch attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Access to sensitive data Access to system...

9CVSS7.8AI score0.50445EPSS
Exploits0
NCSC
NCSC
•added 2021/12/14 12:0 a.m.•5 views

Vulnerability fixed in WIBU Codemeter Runtime

WIBU Systems has fixed a vulnerability in WIBU Codemeter Runtime. A local, authenticated malicious party could potentially exploit the vulnerability potentially exploit it to cause a denial-of-service cause, or manipulate data. The vulnerability can be exploited by creating a symbolic link using...

7.1CVSS6.7AI score0.00289EPSS
Exploits0
NCSC
NCSC
•added 2021/12/14 12:0 a.m.•5 views

Vulnerability fixed in SIMATIC eaSie PCS7

Siemens has fixed a vulnerability in SIMATIC eaSie PCS7. A authenticated malicious party can exploit the vulnerability to access arbitrary files via path-traversal on the vulnerable system. The download function in which the vulnerability is not activated by default. Siemens has released updates ...

6.5CVSS7AI score0.0091EPSS
Exploits0
NCSC
NCSC
•added 2021/12/13 12:0 a.m.•5 views

Vulnerabilities fixed in IBM i2 Analysts Notebook

IBM has fixed vulnerabilities in i2 Analysts' Notebook. A local malicious party could potentially exploit the vulnerabilities to obtain elevated privileges within the application. IBM has released updates to fix the vulnerabilities in i2 Analysts' Notebook 9.3.1. For more information, see:...

7.8CVSS6.9AI score0.00299EPSS
Exploits0
NCSC
NCSC
•added 2021/12/09 12:0 a.m.•5 views

Vulnerability fixed in SonicWall Global VPN Client

A vulnerability has been fixed in SonicWall Global VPN Client. The vulnerability is in the handling of specific DLL files. A local malicious party can exploit the vulnerability to execute arbitrary code. SonicWall has released updates to fix the vulnerability fix in Global VPN Client 4.10.7. More...

7.8CVSS6.5AI score0.00851EPSS
Exploits0
NCSC
NCSC
•added 2021/12/08 12:0 a.m.•5 views

Vulnerabilities fixed in SonicWall SMA100 series

Vulnerabilities have been fixed in SonicWall SMA100. The vulnerabilities with the attribute CVE-2021-20038 and CVE-2021-20045 have received a CVSSv3 score of 9.8 and 9.4 and allow an unauthenticated remote malicious person potentially able to execute code execute code on the system. The...

9.8CVSS7.8AI score0.99912EPSS
Exploits8
NCSC
NCSC
•added 2021/12/07 12:0 a.m.•5 views

Vulnerability fixed in Dell Wyse Device Agent

A vulnerability has been fixed in Dell Wyse Device Agent version 14.5.4.1 and below. A local authenticated user with low privileges could potentially exploit this security vulnerability and gain access to sensitive information. Dell has released updates to fix the vulnerability in Wyse Device...

5.5CVSS6.4AI score0.00221EPSS
Exploits0
NCSC
NCSC
•added 2021/12/02 12:0 a.m.•5 views

Vulnerability fixed in Cryptshare server

A vulnerability has been fixed in the Web App component of Cryptshare server. This vulnerability allows a malicious user of the system to, via an "HTML injection" attack to redirect the recipient of a "confidential" message to an arbitrary web page. The recipient must open such a message message...

5.4CVSS6.6AI score0.00665EPSS
Exploits1
NCSC
NCSC
•added 2021/11/30 12:0 a.m.•5 views

Vulnerability concealed in FortiClient

A vulnerability has been fixed in FortiClient and FortiClient EMS. An insecure search path could allow an attacker to launch a DLL-Hijack attack. Through the exploitation of this vulnerability, an attacker can obtain elevated privileges on the vulnerable system. Fortinet has released updates to f...

7.8CVSS6.6AI score0.00243EPSS
Exploits0
NCSC
NCSC
•added 2021/11/15 12:0 a.m.•5 views

Vulnerabilities fixed in Zoom

Zoom has fixed several vulnerabilities in the Zoom client and connector. A malicious party could potentially exploit them to cause a denial-of-service, to execute arbitrary code with user privileges, or to gain access to sensitive data. The most serious vulnerability is in the windows client, in...

9CVSS7.7AI score0.01338EPSS
Exploits0
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•5 views

Vulnerabilities fixed in Siemens SIMATIC WINCC

Siemens has fixed vulnerabilities in WinCC. A authenticated malicious person could exploit the vulnerabilities to execute a "Path Traversal" and thus appropriate elevated privileges, read and write arbitrary files and manipulate write and thereby manipulate data and/or gain access gain access to...

9.9CVSS7.1AI score0.01233EPSS
Exploits0
NCSC
NCSC
•added 2021/11/09 12:0 a.m.•5 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in the following products: SAP ABAP Platform Kernel SAP Commerce SAP ERP Financial Accounting SAP ERP HCM Portugal SAP Focused SAP GUI for Windows SAP NetWeaver Application Server for ABAP and ABAP Platform. SAP Solution Manager The vulnerabilities potentially enable...

8.8CVSS6.8AI score0.02647EPSS
Exploits0
Total number of security vulnerabilities4190